Re: [logs] OT: 'Automated Log Analysis'

From: NixGuru (nixguruat_private)
Date: Tue Jun 18 2002 - 14:11:28 PDT

Next message: Adrian Mink: "Re: [logs] OT: 'Automated Log Analysis'"

Previous message: Rajkumar S.: "[logs] How are you analysing logs now?"
Next in thread: Adrian Mink: "Re: [logs] OT: 'Automated Log Analysis'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 18 Jun 2002, Jay D. Dyson wrote:

<snip>
>
> 	Indeed.  No slight to NixGuru, but I'd rather have such a tool for
> local use.  I have large concerns about sending my logs over an insecure
> channel (e-mail).  This concern is compounded by the prospect of sending
> said logs to a remote system operated by someone whom I've never met, much
> less broken bread with (thus, no trust).
>
> 	It's a good idea, but the implementation is fraught with
> complications that I would sooner prefer to avoid.
>

</snip>

The following is OT, considering this is the 'loganalysis' list, but
here goes:

This is one of my main concerns: how to build a trustworthy relation
with a potential user of the analysis system? Especially considering
that, from a clients perspective, the logs are sent to a third party,
they are in cleartext, and who knows for what they will be used?

In light of the responses, this list ought to have the 'creme de la
creme' of loganalysts. And thus should be skeptical to a proposition
such as this. And I am pleased to see that this is the case.
However, the 'listers' here might not be the main target audience.
Your are all too advanced...

As you say, you would prefer to have such an analysis tool locally.
And I agree.  BUT. And here's the big BUT. There are a huge amount of
sites that do not monitor their logs at all. Simply because they don't
have the resources. Be it time, funding, knowledge or whatever. They
just don't have it. So, to at least offer some sort of analysis, which
in itself is an advanced process, these non-analyzed sites can simply
e-mail their logs to the service, and receive a report.

Basically, it could be as simple as adding a 'cat <logfile> | mail
loggerat_private' in the daily log file rotation script. And an
analysis will be performed, with the results returned straight in
your mailbox.

Thanks for your time.

nix

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Adrian Mink: "Re: [logs] OT: 'Automated Log Analysis'"
Previous message: Rajkumar S.: "[logs] How are you analysing logs now?"
Next in thread: Adrian Mink: "Re: [logs] OT: 'Automated Log Analysis'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 18 2002 - 14:27:44 PDT